CVE-2026-12706 Ffmpeg: ffmpeg: heap use-after-free read in rasc decoder decode_move()
A use-after-free vulnerability was found in FFmpeg's RASC video decoder. The decodemove function initializes a read pointer into a decompressed buffer, but a subsequent reallocation of that same buffer during move-table processing leaves the pointer dangling. An attacker could exploit this by...